The latest Java version, Java 7 Update 10 contains a critical security vulnerability which is reportedly already being used for large scale cyberattacks. Users who have Java installed on their computers should deactivate the Java plugin in their browsers without delay.
A malware researcher calling himself kafeine has discovered an online exploit which makes use of a previously unknown Java vulnerability. Security experts at AlienVault have analysed the exploit and confirmed the significance of the find. They were able to use it to inject code onto a fully patched Windows system running Java 7 Update 10. It is currently unclear whether the vulnerability is also present in Java 6, though the exploit did not work in initial tests on Java 6 carried out by kafeine.